
Example 1 with Saml20AttributeBuilder

use of org.apereo.cas.support.saml.util.Saml20AttributeBuilder in project cas by apereo.

From the class SamlProfileSamlAttributeStatementBuilder, method newAttributeStatement.

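/**
 * Builds the SAML attribute statement for the given set of released attributes.
 *
 * <p>Attribute name formats come from the IdP response settings and are then
 * overridden by the registered service. Friendly names are layered in this order,
 * later entries replacing earlier ones: global IdP settings, SAML attribute
 * definitions found in the attribute definition store, the registered service;
 * the SAML attribute definition catalog only fills keys that are still missing.
 *
 * <p>Each attribute is emitted once per mapped name. When the registered service
 * declares a value type of {@code NameIDType} or the persistent NameID format for
 * a name, the value released under that name is replaced by a {@link NameID}.
 * That replacement is scoped to the single name it was declared for, so one
 * mapped name never receives the NameID built for another.
 *
 * @param context    the profile builder context; supplies the registered service and adaptor
 * @param attributes the attributes to release, keyed by attribute name; entries whose value
 *                   is an empty collection are skipped
 * @param builder    the builder that adds each created attribute to the statement
 * @return the populated attribute statement
 * @throws Exception if a SAML object for the statement cannot be built
 */
public AttributeStatement newAttributeStatement(final SamlProfileBuilderContext context, final Map<String, Object> attributes, final Saml20AttributeBuilder builder) throws Exception {
    val attrStatement = SamlUtils.newSamlObject(AttributeStatement.class);
    val resp = samlIdPProperties.getResponse();

    // Service-level name formats take precedence over the IdP-wide defaults.
    val nameFormats = new HashMap<>(resp.configureAttributeNameFormats());
    nameFormats.putAll(context.getRegisteredService().getAttributeNameFormats());

    val globalFriendlyNames = samlIdPProperties.getCore().getAttributeFriendlyNames();
    val friendlyNames = new HashMap<>(CollectionUtils.convertDirectedListToMap(globalFriendlyNames));
    val urns = new HashMap<String, String>();
    attributeDefinitionStore.getAttributeDefinitions()
        .stream()
        .filter(defn -> defn instanceof SamlIdPAttributeDefinition)
        .map(SamlIdPAttributeDefinition.class::cast)
        .forEach(defn -> {
            if (StringUtils.isNotBlank(defn.getFriendlyName())) {
                friendlyNames.put(defn.getKey(), defn.getFriendlyName());
            }
            if (StringUtils.isNotBlank(defn.getUrn())) {
                urns.put(defn.getKey(), defn.getUrn());
            }
        });
    friendlyNames.putAll(context.getRegisteredService().getAttributeFriendlyNames());

    // The catalog is a fallback only: it never replaces a friendly name set above.
    SamlIdPAttributeDefinitionCatalog.load()
        .filter(defn -> !friendlyNames.containsKey(defn.getKey()))
        .forEach(defn -> {
            friendlyNames.put(defn.getKey(), defn.getFriendlyName());
            urns.put(defn.getKey(), defn.getUrn());
        });

    for (val entry : attributes.entrySet()) {
        val releasedValue = entry.getValue();
        if (releasedValue instanceof Collection<?> && ((Collection<?>) releasedValue).isEmpty()) {
            LOGGER.info("Skipping attribute [{}] because it does not have any values.", entry.getKey());
            continue;
        }
        val friendlyName = friendlyNames.get(entry.getKey());
        val attributeNames = urns.containsKey(entry.getKey()) ? List.of(urns.get(entry.getKey())) : getMappedAttributeNamesFromAttributeDefinitionStore(entry);
        for (val name : attributeNames) {
            // Start every mapped name from the value that was actually released.
            // Reusing one variable across names would hand the NameID built for an
            // earlier name to a later name whose declared value type is different.
            var attributeValue = releasedValue;

            // NOTE(review): attribute values are logged at TRACE and DEBUG here and below;
            // they can carry personal data, so keep these levels off for this logger in
            // production or mask values in the logging configuration.
            LOGGER.trace("Processing SAML attribute [{}] with value [{}], friendlyName [{}]", name, attributeValue, friendlyName);
            val valueType = context.getRegisteredService().getAttributeValueTypes().get(name);
            if (NameIDType.class.getSimpleName().equalsIgnoreCase(valueType)) {
                val nameIdObject = samlNameIdBuilder.build(context);
                if (nameIdObject instanceof NameID) {
                    // Copy the subject NameID into a fresh object used as the attribute value.
                    val nameID = newSamlObject(NameID.class);
                    val nameId = (NameID) nameIdObject;
                    nameID.setFormat(nameId.getFormat());
                    nameID.setNameQualifier(nameId.getNameQualifier());
                    nameID.setSPNameQualifier(nameId.getSPNameQualifier());
                    nameID.setValue(nameId.getValue());
                    attributeValue = nameID;
                }
            }
            if (NameID.PERSISTENT.equalsIgnoreCase(valueType)) {
                val nameID = newSamlObject(NameID.class);
                nameID.setFormat(NameID.PERSISTENT);
                nameID.setNameQualifier(SamlIdPUtils.determineNameIdNameQualifier(context.getRegisteredService(), samlIdPMetadataResolver));
                // SP name qualifier: the service's configured qualifier when present,
                // otherwise the entity id of the requesting adaptor.
                FunctionUtils.doIf(StringUtils.isNotBlank(context.getRegisteredService().getServiceProviderNameIdQualifier()), value -> nameID.setSPNameQualifier(context.getRegisteredService().getServiceProviderNameIdQualifier()), value -> nameID.setSPNameQualifier(context.getAdaptor().getEntityId())).accept(context.getRegisteredService());
                // Only the first released value becomes the persistent identifier.
                CollectionUtils.firstElement(attributeValue).ifPresent(value -> nameID.setValue(value.toString()));
                attributeValue = nameID;
            }
            LOGGER.debug("Creating SAML attribute [{}] with value [{}], friendlyName [{}]", name, attributeValue, friendlyName);
            val attribute = newAttribute(friendlyName, name, attributeValue, nameFormats, resp.getDefaultAttributeNameFormat(), context.getRegisteredService().getAttributeValueTypes());
            LOGGER.trace("Created SAML attribute [{}] with NameID format [{}]", attribute.getName(), attribute.getNameFormat());
            builder.build(attrStatement, attribute);
        }
    }
    return attrStatement;
}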
Also used : lombok.val(lombok.val) AbstractSaml20ObjectBuilder(org.apereo.cas.support.saml.util.AbstractSaml20ObjectBuilder) HashMap(java.util.HashMap) StringUtils(org.apache.commons.lang3.StringUtils) WebApplicationService(org.apereo.cas.authentication.principal.WebApplicationService) SamlUtils(org.apereo.cas.support.saml.SamlUtils) ProtocolAttributeEncoder(org.apereo.cas.authentication.ProtocolAttributeEncoder) Saml20AttributeBuilder(org.apereo.cas.support.saml.util.Saml20AttributeBuilder) SamlIdPObjectEncrypter(org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectEncrypter) FunctionUtils(org.apereo.cas.util.function.FunctionUtils) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) ServiceFactory(org.apereo.cas.authentication.principal.ServiceFactory) AttributeDefinitionStore(org.apereo.cas.authentication.attribute.AttributeDefinitionStore) Collection(java.util.Collection) SamlIdPProperties(org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties) lombok.val(lombok.val) MetadataResolver(org.opensaml.saml.metadata.resolver.MetadataResolver) SamlIdPUtils(org.apereo.cas.support.saml.SamlIdPUtils) OpenSamlConfigBean(org.apereo.cas.support.saml.OpenSamlConfigBean) AttributeDefinition(org.apereo.cas.authentication.attribute.AttributeDefinition) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) SamlProfileBuilderContext(org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileBuilderContext) SAMLObject(org.opensaml.saml.common.SAMLObject) SamlProfileObjectBuilder(org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder) NameIDType(org.opensaml.saml.saml2.core.NameIDType) NameID(org.opensaml.saml.saml2.core.NameID) HashMap(java.util.HashMap) NameID(org.opensaml.saml.saml2.core.NameID) NameIDType(org.opensaml.saml.saml2.core.NameIDType)
